上报QQKAV系统诊断日志

日志内容已自动填写，请写明“问题描述”及“验证码”后点击“上报日志”。

问题描述：
验证码：

发表于 2012-4-23 13:45:05 编号：56135
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012/4/23  13:44:42
操作系统：Windows Server 2008 6.1_7601.2:Service Pack 1
IE版本：Internet Explorer v9.0.8112.16421
本机内存:2.30 GB - 可用内存:1.00 GB
==================================================
系统启动项：
360sd |"E:\360sd\360sd.exe" /autorun|
Sidebar |C:\Program Files\Windows Sidebar\sidebar.exe /autoRun|
ctfmon.exe|C:\Windows\system32\ctfmon.exe|
RtHDVBg_Dolby |C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE4 |
AVP |"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"|
360Safetray |"E:\360safe\safemon\360Tray.exe" /start|
IAStorIcon|C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60|
RtHDVCpl|C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s|
AtherosBtStack|"C:\Program Files\Bluetooth Suite\BtvStack.exe"|
AthBtTray |"C:\Program Files\Bluetooth Suite\AthBtTray.exe"|
S6000Mnt|Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt|
!!QQKav |D:\qqkav_newhua\qqkav_newhua.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
E:\360safe\deepscan\ZhuDongFangYu.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Bluetooth Suite\AdminService.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
E:\360safe\safemon\360tray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
D:\qqkav_newhua\qqkav_newhua.exe
C:\Windows\WebCam\S6000\S6000Mnt.exe
E:\360sd\360sd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
E:\QQ\Bin\QQ.exe
E:\QQ\Bin\TXPlatform.exe
E:\360sd\360rp.exe
E:\QQ\Bin\QQ.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
E:\迅雷\Program\Thunder.exe
c:\program files\common files\thunder network\tp\ver1\1.1.2.116_1111\ThunderPlatform.exe
E:\QQ\Bin\QQExternal.exe
audiodg.exe
C:\Windows\system32\WUDFHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.exe
C:\Windows\system32\wbem\WmiPrvSE.exe

未知IE加载项：
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
360 杀毒实时防护加载服务|360rp |"E:\360sd\360rps.exe"|
Adobe Acrobat Update Service|AdobeARMservice |"C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"|
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
Adobe LM Service|Adobe LM Service|"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"|
AtherosSvc|AtherosSvc|C:\Program Files\Bluetooth Suite\adminservice.exe|
Autodesk Content Service|Autodesk Content Service|"C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe"|
FLEXnet Licensing Service|FLEXnet Licensing Service|"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"|
Intel(R) Rapid Storage Technology|IAStorDataMgrSvc|"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"|
Microsoft SharePoint Workspace Audit Service|Microsoft SharePoint Workspace Audit Service|E:\office2010\Office14\GROOVE.EXE /auditservice|
NVIDIA Display Driver Service|nvsvc |C:\Windows\system32\nvvsvc.exe|
卡巴斯基反病毒服务|AVP |"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" -r|
主动防御|ZhuDongFangYu |"E:\360safe\deepscan\zhudongfangyu.exe"|

发表于 2012-4-23 9:51:55 编号：56134
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012-4-23  9:51:12
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v8.0.6001.18702
本机内存:503.37 MB - 可用内存:167.47 MB
==================================================
系统启动项：
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
360Safetray |"C:\Program Files\360\360Safe\safemon\360Tray.exe" /start|
QvodTerminal|"D:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun|
!!QQKav |F:\qqkav_newhua\qqkav_newhua.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\360\360Safe\deepscan\ZhuDongFangYu.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\360\360Safe\safemon\360Tray.exe
D:\Program Files\QvodPlayer\QvodTerminal.exe
C:\WINDOWS\system32\ctfmon.exe
F:\qqkav_newhua\qqkav_newhua.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\360\360Safe\360Safe.exe
C:\Program Files\360\360Safe\deepscan\DSMain.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

未知IE加载项：
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
主动防御|ZhuDongFangYu |"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"|

发表于 2012-4-23 7:28:40 编号：56133
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2010-4-24  7:26:25
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v6.0.2900.5512
本机内存:1.93 GB - 可用内存:1.32 GB
==================================================
系统启动项：
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
360sd |"C:\Program Files\360\360sd\360sd.exe" /autorun|
360Safetray |"C:\Program Files\360\360safe\safemon\360Tray.exe" /start|
QvodTerminal|"E:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\360\360safe\deepscan\ZhuDongFangYu.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\360\360safe\safemon\360tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\360\360sd\360sd.exe
E:\Program Files\pipi\jfCacheMgr.exe
E:\Program Files\QvodPlayer\QvodTerminal.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\360\360sd\360rp.exe
C:\Program Files\360\360safe\softmgr\SoftManager.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX99.120\qqkav\qqkav.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Tencent\QQ\Bin\QQ.exe
D:\Program Files\Tencent\QQ\Bin\TXPlatform.exe
C:\Program Files\腾讯游戏\QQGAME\QQGame.exe
C:\Program Files\腾讯游戏\QQGAME\QQGameDl.exe
D:\Program Files\Tencent\QQ\Bin\QQExternal.exe

未知IE加载项：
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
360 杀毒实时防护服务|360rp |"C:\Program Files\360\360sd\360rps.exe"|
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
PIPIStartSvr|PIPIStartSvr|E:\Program Files\pipi\PIPIStartSvr.exe|
主动防御|ZhuDongFangYu |"C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe"|

发表于 2012-4-22 23:21:39 编号：56132
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012/4/22  23:21:21
操作系统：Windows Server 2008 6.1_7601.2:Service Pack 1
IE版本：Internet Explorer v8.0.7601.17514
本机内存:1015.30 MB - 可用内存:397.10 MB
==================================================
系统启动项：
360sd |"C:\Program Files\360\360sd\360sd.exe" /autorun|
jymsgr|C:\Program Files\Jiayuan\jymsgr.exe /boot|
ctfmon.exe|C:\Windows\system32\ctfmon.exe|
360Safetray |"C:\Program Files\360\360safe\safemon\360Tray.exe" /start|
QlbCtrl.exe |C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start|
!!QQKav |C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX92.760\qqkav_newhua.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\360\360safe\deepscan\ZhuDongFangYu.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\Hotkey\PowerBiosServer.exe
C:\Windows\system32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\360\360safe\safemon\360tray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\360\360sd\360sd.exe
C:\Program Files\Jiayuan\jymsgr.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\360\360sd\360rp.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\YouKu\common\ikucmc.exe
C:\Program Files\YouKu\common\ikuacc.exe
audiodg.exe
C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX92.760\qqkav_newhua.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\360\360safe\LiveUpdate360.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\rundll32.exe

未知IE加载项：
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A}
|迅雷FLV视频嗅探及下载支持|C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll
{1D63232D-4F15-4A42-890D-EE617AA1537D}
|WWPicUploadCtrl Class|F:\Program Files\AliWangWang\7.10.06C\modules\1685\WWPictureUpload.dll
{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
|InstallHelper Class|F:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll
{55B8F0C5-C633-4646-A088-1B3D4F4AFAE3}
|JJWEIObj Class
{5FFF24BC-DC02-4808-B4E0-A8E2C93FE407}
|迅雷发行IE支持|C:\Program Files\Thunder Network\Thunder\BHO\xlfxctrl1.0.1.64.dll
{6EE9CD3E-A386-4DAE-9737-A759DBF927AE}
|Access UserInfo by Script|C:\Program Files\Thunder Network\Thunder\BHO\UserAgent1.0.2.10.dll
{802F530B-A8F6-4631-AE49-6BACAAC6373E}
|XunleiBHO Class|C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.4.3312.dll
{814953B0-3DE7-4171-A0DD-A7A38322B6C7}
{814953B0-3DE7-4171-A0DD-A7A38322B6C7}
{8B054DFE-79A3-4A6A-9F46-CD2A2F601129}
|Uploader Class|C:\Windows\system32\TXGYMailActiveX.dll
{95B3F550-91C4-4627-BCC4-521288C52977}
{95B3F550-91C4-4627-BCC4-521288C52977}
{9AA238FE-8298-48C9-B188-05B6AEE76C3A}
{9AA238FE-8298-48C9-B188-05B6AEE76C3A}
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9}
|LiveDapCtrl Class|C:\Program Files\Common Files\Thunder Network\KanKan\LiveDapCtrl.1.0.0.10.(676).dll
{BDEACC50-F56D-4D60-860F-CF6ED1766D65}
|FTNUpload Class|C:\Windows\system32\TXFTNA~1.DLL
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095}
|ScreenCapture Class|C:\Windows\system32\TXGYMailActiveX.dll
{D928E486-C465-4A64-976D-F3B24BBECC69}
|KuAgent2 Class|C:\Program Files\YouKu\common\YoukuAgent.dll
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E}
|xoliimpl Class|C:\Windows\xinstaller.dll
{EAAED308-7322-4B9B-965E-171933ADD473}
|SSOForPTLogin2 Class|C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}
|TimwpDll.TimwpCheck|F:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll
{EF0D1A14-1033-41A2-A589-240C01EDC078}
|PPLive Lite Class|C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll
{F4BA5508-8AB7-45C1-8D0A-A1237AD82399}
|DropFile Class|C:\Windows\system32\TXGYMailActiveX.dll
未知BHO插件：
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A}
|迅雷FLV视频嗅探及下载支持|C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
360 杀毒实时防护服务|360rp |"C:\Program Files\360\360sd\360rps.exe"|
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
Andrea ST Filters Service|AESTFilters |C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe|
Audio Service |STacSV|C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe|
Com4QLBEx |Com4QLBEx |"C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"|
hpqwmiex|hpqwmiex|"C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe"|
PowerBiosServer |PowerBiosServer |"C:\Program Files\Hotkey\PowerBiosServer.exe"|
主动防御|ZhuDongFangYu |"C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe"|

发表于 2012-4-22 21:01:43 编号：56131
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012-4-22  下午 09:01:06
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v8.0.6001.18702
本机内存:1.97 GB - 可用内存:1.50 GB
==================================================
系统启动项：
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
ToolwizCareFree |"C:\Program files\ToolwizCareFree\ToolwizCares.exe" -autorun|
avast |"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui|
QQ游戏启动加速程序.lnk|C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
E:\QQ\Bin\QQ.exe
E:\QQ\Bin\TXPlatform.exe
E:\QQ\Bin\QQExternal.exe
F:\安装文件\qqkav.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\conime.exe

未知IE加载项：
{00000000-12C9-4305-82F9-43058F20E8D2}
|QQCycloneHelper Class|D:\QQ旋风\QQIEHE~1.DLL
{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
|InstallHelper Class|C:\WINDOWS\system32\MMInstaller.dll
{5052B4D0-9DF7-45ef-88EF-F42C0EA33A43}
|QQPYChecker Class|D:\QQ拼音\QQPinyin\4.4.1116.400\QQImeChecker.dll
{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}
|avast! WebRep|C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
未知BHO插件：
{00000000-12C9-4305-82F9-43058F20E8D2}
|QQCycloneHelper Class|D:\QQ旋风\QQIEHE~1.DLL
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
|avast! WebRep|C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
avast! Antivirus|avast! Antivirus|"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"|

发表于 2012-4-22 18:08:55 编号：56130
问题描述：病毒
？？

发表于 2012-4-22 14:41:04 编号：56129
问题描述：病毒
QQKav系统诊断报告!--2010.9.10
生成时间：2012-4-22  14:39:49
操作系统：Windows XP 5.1_2600.2:Service Pack 2
IE版本：Internet Explorer v6.0.2900.2180
本机内存:1023.48 MB - 可用内存:578.07 MB
==================================================
系统启动项：
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
Thunder |C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe -silent -StartType:AutoRun|
kxesc |"C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe" -autorun|
MenuOrder |C:\Program Files\ICBCPe~1\ICBC\Gemplus(Personal)\MenuOrder\MenuOrder.exe|
!!QQKav |C:\Program Files\常用工具\qqkav.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
kxedefend.exe
kxescore.exe
kxesapp.exe
kxeserv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\EXPLORER.EXE
kxetray.exe
C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe
upsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
C:\Program Files\SogouInput\6.1.0.6700\sogoupinyintray.exe
C:\Program Files\常用工具\qqkav.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
c:\program files\common files\thunder network\tp\ver1\1.1.2.46_1111\ThunderPlatform.exe
C:\Program Files\Thunder Network\Thunder\Addins\InMediaAddin\ThunderMinisite.exe
D:\Program Files\QQ2010\Bin\QQ.exe
D:\Program Files\QQ2010\Bin\HKDlls\KQAdTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

未知IE加载项：
{1D90741B-F236-4D21-94F6-F70631BF3CA3}
|GemOCX Control|C:\WINDOWS\system32\GemOCX.ocx
{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
|InstallHelper Class|C:\WINDOWS\system32\MMInstaller.dll
{2D90D33C-DE76-42D0-9040-E4466DDC24AC}
|迅雷网页图片浏览器IE支持|C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll
{36C9539B-49D2-01C7-9C6D-10DACDFEA59C}
|Axcleanctrl Class|C:\WINDOWS\system32\icbcclean.dll
{38481807-CA0E-42D2-BF39-B33AF135CC4D}
|IETag Factory|C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL
{3AA9CF07-DF20-48FF-98BE-DED276E40146}
|GDGetTokenInfo Class|C:\WINDOWS\system32\GDREAD~1.DLL
{5EFE0AA6-B28B-41BD-9B3C-02AA3F79EA9A}
|CAntiVersion Object|C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\AntiPhishingVer.dll
{6EE9CD3E-A386-4DAE-9737-A759DBF927AE}
|Access UserInfo by Script|C:\Program Files\Thunder Network\Thunder\ComDlls\UserAgent.dll
{7CCE07A5-A590-4554-B5C3-082840D7012E}
|GDGetVer Class|C:\WINDOWS\DOWNLO~1\ICBC_G~2.DLL
{84894428-B1F9-4C88-8A45-D6B8524E53B3}
{84894428-B1F9-4C88-8A45-D6B8524E53B3}
{96CD6DA7-17F2-4576-82B0-BE4526FB7D6B}
|VASensor Class|C:\Program Files\Common Files\Thunder Network\KanKan\kkva.1.0.0.3.(166).dll
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9C}
|VersionDetector Class|C:\Program Files\Common Files\Thunder Network\KanKan\kkvd.1.0.0.1.(165).dll
{A24E6133-404F-4431-A296-2DE576FC5AEE}
|HallToolkit Class|C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.6.(885).dll
{AA899B43-24BD-4B6B-BBD0-45557D8D11E0}
|WebVGPlayer Class|C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayer\VGPlayer.dll
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9}
|LiveDapCtrl Class|C:\Program Files\Common Files\Thunder Network\KanKan\LiveDapCtrl.1.0.0.9.(166).dll
{BF6B2647-9A97-4258-AC3F-7CC8EA20D422}
|Icbc_gemplusdv Control|C:\WINDOWS\DOWNLO~1\ICBC_G~1.DLL
{DA1B7A94-28C8-4CDE-82B8-D5773AE27780}
|icbc_bhdc1vdvCom Class|C:\WINDOWS\system32\icbc_bhdc1vdv.dll
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E}
|xoliimpl Class|C:\WINDOWS\xinstaller.dll
{EF0D1A14-1033-41A2-A589-240C01EDC078}
|PPLive Lite Class|C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll
{FDAEAB93-6DC0-4A63-81C6-95C88ED36F6A}
|SEInterface Class|C:\Program Files\SogouExplorer\seapi.dll
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
Ati HotKey Poller |Ati HotKey Poller |C:\WINDOWS\system32\Ati2evxx.exe|
ICBC Daemon Service |ICBC Daemon Service |C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe|
Kingsoft Antivirus Update Service|KxEUpSrv|"C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe"|
Kingsoft Antivirus XEngine Service|KxEServ |"C:\Program Files\Common Files\Kingsoft\kiscommon\kxeserv.exe"|
Kingsoft Core Defend Service|kxedefend |"C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe" /service kxedefend|
Kingsoft Core Service|kxescore|"C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe" /service kxescore|
Kingsoft Security App Service|kxesapp |"C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe" /service kxesapp|
UPS |UPS |C:\WINDOWS\System32\ups.exe|
XLDoctor Services |XLDoctor Services |C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe|

发表于 2012-4-22 10:07:30 编号：56128
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012-4-22  上午 10:07:11
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v8.0.6001.18702
本机内存:1.75 GB - 可用内存:875.13 MB
==================================================
系统启动项：
360sd |"C:\Program Files\360\360sd\360sd.exe" /autorun|
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
360Safetray |"C:\Program Files\360\360safe\safemon\360Tray.exe" /start|
!!QQKav |C:\Documents and Settings\Administrator\桌面\qqkav.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\360\360safe\deepscan\ZhuDongFangYu.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\360\360safe\safemon\360tray.exe
C:\Documents and Settings\Administrator\桌面\qqkav.exe
C:\Program Files\360\360sd\360sd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\360\360sd\360rp.exe
D:\QQ\Bin\QQ.exe
D:\QQ\Bin\TXPlatform.exe
D:\QQ\Bin\QQ.exe
D:\QQ\Bin\QQExternal.exe
D:\QQ\Bin\QQExternal.exe
D:\AskTao\asktao.mod
C:\WINDOWS\system32\conime.exe
D:\Kugou7\KuGou.exe
D:\Kugou7\KgDaemon.exe
D:\QQ\Bin\QQ.exe
D:\QQ\Bin\QQ.exe
D:\QQ\Bin\QQExternal.exe
C:\Program Files\SogouInput\5.2.0.5374\SogouCloud.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\explorer.exe

未知IE加载项：
{00000000-0593-4356-9CF7-1D8C2B3343C0}
{00000000-0593-4356-9CF7-1D8C2B3343C0}
{00000000-12C9-4305-82F9-43058F20E8D2}
{00000000-12C9-4305-82F9-43058F20E8D2}
{14631F4A-A1DA-484E-BB72-03598F8B96F9}
{14631F4A-A1DA-484E-BB72-03598F8B96F9}
{15A03EB5-B24B-44A4-9E04-B9BB71382CB2}
{15A03EB5-B24B-44A4-9E04-B9BB71382CB2}
{162AF25B-5A2A-448E-A842-194653EF3E05}
|KuGoo3Down Control|D:\Kugou7\KuGoo3DownXControl.ocx
{23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D}
|QQCPHelper.CPAdder|D:\QQ\Bin\CPHelper.dll
{2F72105F-EA3A-20D5-5411-A1F39AC9BF59}
{2F72105F-EA3A-20D5-5411-A1F39AC9BF59}
{38481807-CA0E-42D2-BF39-B33AF135CC4D}
|IETag Factory|C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL
{48C60B09-C9B7-362B-87E2-7861045A7F1E}
|IE Search Helper|C:\Program Files\TENCENT\SOSOAddr\ieaddr.dll
{5BE4D929-4821-73E4-1A46-2E1CF42B3744}
{5BE4D929-4821-73E4-1A46-2E1CF42B3744}
{70425897-213B-4a9a-943B-2EEFB2124E35}
{70425897-213B-4a9a-943B-2EEFB2124E35}
{72C24DD5-D70A-438B-8A42-98424B88AFB8}
|Windows Script Host Shell Object|C:\WINDOWS\system32\wshom.ocx
{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
{7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9}
{7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9}
{802F530B-A8F6-4631-AE49-6BACAAC6373E}
|XDownloaddManager Class|C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
{94C3E4BB-A261-4A83-B437-EA6F7A28CA68}
{94C3E4BB-A261-4A83-B437-EA6F7A28CA68}
{95B3F550-91C4-4627-BCC4-521288C52977}
{95B3F550-91C4-4627-BCC4-521288C52977}
{99D9DC39-90DE-41D3-AECA-345D7F1B9540}
|KuaiWan Class|C:\Program Files\Kuaiwan\npKWCheck.dll
{A7F05EE4-0426-454F-8013-C41E3596E9E9}
{A7F05EE4-0426-454F-8013-C41E3596E9E9}
{A8502600-B272-4F68-A67B-A0305D46D297}
{A8502600-B272-4F68-A67B-A0305D46D297}
{BAEA0695-03A4-43BB-8495-C7025E1A8F42}
{BAEA0695-03A4-43BB-8495-C7025E1A8F42}
{D05739E4-544C-412F-91C2-D28F95C0A1E0}
{D05739E4-544C-412F-91C2-D28F95C0A1E0}
{D2E6878A-49AF-4F6B-8A2F-C2A93F19EF80}
|webThunder Class|C:\Program Files\Thunder Network\Thunder\ComDlls\LinkSimulate.dll
{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}
{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E}
{DD5BF6D1-6663-47E0-9DFA-5C343CAF178E}
{E2065C93-6DF5-4782-AB38-EEC53AA41C76}
|A Simulation for JetCar Netscape Class|C:\Program Files\Thunder Network\Thunder\ComDlls\LinkSimulate.dll
{E8D8BC8B-2351-4428-8308-B90DD082F084}
|CloudLogin Class
{EAAED308-7322-4B9B-965E-171933ADD473}
|SSOForPTLogin2 Class|C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.37\Bin\npSSOAxCtrlForPTLogin.dll
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}
|TimwpDll.TimwpCheck|D:\QQ\Bin\Timwp.dll
{EF0D1A14-1033-41A2-A589-240C01EDC078}
|PPLive Lite Class|C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll
{F587310D-5306-494D-87E2-88334B46E781}
|AxPlayer Class|C:\Program Files\Baofeng\StormPlayer\webplayer\PlayerShell.dll
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
360 杀毒实时防护服务|360rp |"C:\Program Files\360\360sd\360rps.exe"|
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
Ati HotKey Poller |Ati HotKey Poller |C:\WINDOWS\system32\Ati2evxx.exe|
Remote Packet Capture Protocol v.0 (experimental)|rpcapd|"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"|
主动防御|ZhuDongFangYu |"C:\Program Files\360\360safe\deepscan\ZhuDongFangYu.exe"|

发表于 2012-4-22 10:04:43 编号：56127
问题描述：病毒
QQKav系统诊断报告!--2010.6.1
生成时间：2012-4-22  上午 10:04:36
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v6.0.2900.5512
本机内存:2.00 GB - 可用内存:1.18 GB
==================================================
系统启动项：
internat.exe|internat.exe|
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
ATIModeChange |Ati2mdxx.exe|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HintSoft\PubwinClient\PubwinClient.exe
C:\WINDOWS\system32\internat.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\HintSoft\PubwinClient\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\temp\lsass.exe
c:\program files\e-yoo\eyuscore.exe
C:\WINDOWS\system32\UrlFilter.dll\hyreblsqwxb.exe
C:\OnlineGame\聊天工具\QQ2012\QQ\Bin\QQ.exe
C:\OnlineGame\聊天工具\QQ2012\QQ\Bin\TXPlatform.exe
C:\OnlineGame\聊天工具\QQ2012\QQ\Bin\QQExternal.exe
C:\OnlineGame\聊天工具\QQ2012\QQ音乐\QQMusic.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Temp\Rar$EX25.728\qqkav\qqkav.exe

未知IE加载项：
{00000000-0593-4356-9CF7-1D8C2B3343C0}
{00000000-0593-4356-9CF7-1D8C2B3343C0}
{062D8468-C491-4324-94FE-44C49F37BB33}
|站点统计|C:\WINDOWS\temp\STCTRWatcher.dll
{6E28339B-7A2A-47B6-AEB2-46BA53782379}
{6E28339B-7A2A-47B6-AEB2-46BA53782379}
{954F618B-0DEC-4D1A-9317-E0FC96F87865}
{954F618B-0DEC-4D1A-9317-E0FC96F87865}
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
{D878EB20-C55A-4402-8B25-6387D34F10CB}
{D878EB20-C55A-4402-8B25-6387D34F10CB}
{EAAED308-7322-4B9B-965E-171933ADD473}
|SSOForPTLogin2 Class|C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll
未知BHO插件：
{062D8468-C491-4324-94FE-44C49F37BB33}
|站点统计|C:\WINDOWS\temp\STCTRWatcher.dll
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
Ati HotKey Poller |Ati HotKey Poller |C:\WINDOWS\system32\Ati2evxx.exe|
E-yoo Client Start Services|EyooClientSVC |C:\Program Files\E-yoo\eyooservice.exe|

发表于 2012-4-22 9:50:41 编号：56126
问题描述：病毒
QQKav系统诊断报告!--2012.1.1
生成时间：2012-4-22  9:50:23
操作系统：Windows XP 5.1_2600.2:Service Pack 3
IE版本：Internet Explorer v8.0.6001.18702
本机内存:766.42 MB - 可用内存:481.92 MB
==================================================
系统启动项：
ctfmon.exe|C:\WINDOWS\system32\ctfmon.exe|
!!QQKav |C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.266\qqkav.exe|
QvodTerminal|"C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun|

系统进程列表：
[System Process]
System
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.266\qqkav.exe
C:\Program Files\QvodPlayer\QvodTerminal.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

未知IE加载项：
未知BHO插件：
未知系统Hooks插件：
未知SSODL插件：
未知系统服务：
Adobe Flash Player Update Service|AdobeFlashPlayerUpdateSvc|C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe|
PIPIStartSvr|PIPIStartSvr|C:\Program Files\pipi\PIPIStartSvr.exe|

总共有56458篇日志，共5646页，第143页首页上一页下一页尾页